Abstract: Metadata associated with IoT devices is stored. The metadata may include categories associated with the IoT devices. At least a first category may be hierarchical such that the first category includes at least two hierarchical levels, with each hierarchical level including at least two categories, and such that each category in a hierarchical level that is below another hierarchical level is a subset of one of the categories in the hierarchical levels above that hierarchical level. User information associated with users is stored. A request associated with one of the users and further associated with access to at least one of the IoT devices is received. Responsive to the request, the access is selectively granted to the at least one of the IoT devices based upon the stored user information and the stored metadata.

Abstract: The disclosed technology is generally directed to device security in an IoT environment. For example, such technology is usable in IoT security. In one example of the technology, a set of security rules that is associated with an expected condition of at least one IoT device is stored. IoT data associated with the at least one IoT device is received. The IoT data may be aggregated data that includes at least two different types of data. A determination is made, based on the IoT data, as to whether the set of security rules has been violated. An alert is selectively sent based on the determination.

Abstract: The disclosed technology is generally directed to device authentication in an IoT environment. For example, such technology is usable in authenticating IoT devices to an IoT Hub. In one example of the technology, data field targets are received for an IoT device. The data field targets may include at least one device identity data field target and at least one telemetry data field target. Data field entries are received from the IoT device at a first time. The data field entries may include at least one device identity data field entry and at least one telemetry data field entry. A determination is made as to whether the data field entries match the corresponding data field targets for the IoT device. The IoT device is selectively allowed to connect to the IoT hub based on the determination.

Abstract: The disclosed technology is generally directed to device provisioning in an IoT environment. For example, such technology is usable in provisioning IoT devices to an IoT Hub. In one example of the technology, an identification message that includes information associated with identification of a first IoT device is received. The validity of the first IoT device is then verified. After the first IoT device is verified, based at least in part on the identification message, an IoT hub is selected from a plurality of IoT hubs. The first IoT device is then caused to be registered with the selected IoT hub.

Abstract: The disclosed technology is generally directed to IoT communications. For example, such technology is usable in provisioning IoT devices in an automatic manner with no manual steps. In one example of the technology, upon initial boot, identification information is automatically sent to a provisioning service endpoint stored in the IoT device. The identification information includes an identification (ID) of the first IoT device. Cryptographic information is received from the provisioning service. The cryptographic information is associated with an IoT hub selected from a plurality of IoT hubs based, in part, on the ID of the first IoT device. A message is automatically sent to the IoT hub in response to receiving the cryptographic information. A new configuration file and a firmware update are received from the IoT hub without requiring a user association. The new configuration file and the firmware update are automatically installed.

Abstract: A method, system, and one or more computer-readable storage media for behavior based authentication for touch screen devices are provided herein. The method includes acquiring a number of training samples corresponding to a first action performed on a touch screen of a touch screen device, wherein the first action includes an input of a signature or a gesture by a legitimate user. The method also includes generating a user behavior model based on the training samples and acquiring a test sample corresponding to a second action performed on the touch screen, wherein the second action includes an input of the signature or the gesture by a user. The method further includes classifying the test sample based on the user behavior model, wherein classifying the test sample includes determining whether the user is the legitimate user or an imposter.

Abstract: A method, system, and one or more computer-readable storage media for behavior based authentication for touch screen devices are provided herein. The method includes acquiring a number of training samples corresponding to a first action performed on a touch screen of a touch screen device, wherein the first action includes an input of a signature or a gesture by a legitimate user. The method also includes generating a user behavior model based on the training samples and acquiring a test sample corresponding to a second action performed on the touch screen, wherein the second action includes an input of the signature or the gesture by a user. The method further includes classifying the test sample based on the user behavior model, wherein classifying the test sample includes determining whether the user is the legitimate user or an imposter.

Abstract: A method, system, and one or more computer-readable storage media for behavior based authentication for touch screen devices are provided herein. The method includes acquiring a number of training samples corresponding to a first action performed on a touch screen of a touch screen device, wherein the first action includes an input of a signature or a gesture by a legitimate user. The method also includes generating a user behavior model based on the training samples and acquiring a test sample corresponding to a second action performed on the touch screen, wherein the second action includes an input of the signature or the gesture by a user. The method further includes classifying the test sample based on the user behavior model, wherein classifying the test sample includes determining whether the user is the legitimate user or an imposter.

Abstract: Techniques to share binary content are described. An apparatus may comprise a first related client having a message platform with a file share feature and an object store, the file share feature operative to retrieve a data object for a publishing client having a defined relationship with the first related client and a second related client, the first related client to send the data object to the second related client on behalf of the publishing client, and the object store operative to store and manage the data object using a unique name identifier received with the data object. Other embodiments are described and claimed.